What is IEEE 802.1X?
IEEE 802.1X is a standard for network port-level authentication. It defines a mechanism by which a device is denied access to the network until it successfully authenticates through an external server (typically RADIUS).
Why is 802.1X needed?
- Enhances corporate network security
- Prevents unauthorized access
- Used in both Wi-Fi and wired LANs
Without successful authentication, the port remains in an “unauthorized” state and blocks all traffic.
Key Components
| Component | Role |
|---|---|
| Supplicant | The client device (e.g., PC or IP camera) |
| Authenticator | The switch or access point |
| Authentication Server | Typically a RADIUS server |
Protocol
The protocol used is EAP over LAN (EAPoL) for communication between the Supplicant and the Authenticator.
Where it is used
- University campuses
- Offices requiring network segmentation
- Wi-Fi networks using WPA2-Enterprise
FAQ
Does IEEE 802.1X work only with wired networks?
No. It is actively used in Wi-Fi networks in combination with WPA2/WPA3-Enterprise.
What happens if the RADIUS server is unavailable?
It depends on the configuration: the port may remain closed or switch to guest mode.
Is it supported on switches?
Yes. Almost all managed switches support 802.1X.
Conclusion
IEEE 802.1X provides strict access control at the network level. It is one of the foundational elements of Zero Trust architecture and a key enabler of secure corporate network access.
